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Abstract. Let p and r be two primes and n, m be two distinct divisors of pr. Consider 
3>„ and <& m , the n-th and m-th cyclotomic polynomials. In this paper, we present lower 
and upper bounds for the coefficients of the inverse of $„ modulo <I> m . 

1. Introduction 

The magnitude of coefficients of polynomials derived from cyclotomic polynomials has 
attracted attention since the 19th century. If ip denotes the Euler totient function, the 
n-th cyclotomic polynomial $ n is a monic polynomial of degree (p(n) whose roots are the 
primitive n-th roots of unity. In the following, we denote by its coefficients. 

Many results published so far deal with On one hand, we have asymptotic results 
which outline that these coefficients may have an exponential behavior for infinitely many 
n (see for instance Erdos [10] or Bateman [4]). On the other hand, there exists numerous 
studies for integers n composed of only few prime factors. In this way, Migotti [13] showed 
in 1883 that if n is composed of at most two primes p and r, the coefficients of & pr can 
only be 0, —1, or 1. Later, around 1965, Beiter [5] and Carlitz [7] exhibit more precise 
criteria for these coefficients to be or ±1. More recently, Lam and Leung [12] give in 
1996 these coefficients in an explicit way. 

The first example of a cyclotomic polynomial with a 2 among its coefficients is for 
n = 105. Yet, when n is the product of few primes, we can still find interesting bounds 
for the coefficients of <!>„. It started in 1895 with Bang. For n product of three distinct 
primes, p < q < r, Bang [3] showed that |aj| ^ p — 1. Later, in 1968, Beiter [5] gave a 
better bound when q or r equals ±1 modulo p, that is \ai\ ^ (p — l)/2. The conjecture 
that this bound could hold for all prime numbers p, q, r has been recently proved to be 
wrong by Gallot and Moree in [11]. Bachman [2] gave a better bound in 2003 for any p, 
q, r, \a,i\ ^ p — [p/4~|. In 1968, Bloom [6] even gave a bound for n = pqrs, product of four 
primes with p < q < r < s : \di\ ^ p(p — l)(pq — 1). 

This paper deals with modular inverses of cyclotomic polynomials. If & m and are 
coprime, then $ m is invertible modulo $ n and, following the example of $ n , we may ask 
whether the coefficients of ffr" 1 mod $ n are of special form. Especially, we noticed that the 
magnitude of these coefficients is very particular when n is composed of few prime factors, 
and we thoroughly prove lower and upper bounds for them when m and n are two distinct 
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divisors of pr, the product of two primes. In the case of the product of three primes pqr, 
the particular structure of & pqr may also yield interesting results, but is out of the scope 
of this work. 

Our main motivation is the computation of the isomorphism between the multiplicative 
group of a finite field ¥ g N and the product of some of its subgroups, since q N — 1 = 
Y\.d\N^d(o)- Such calculations typically occur in torus-based cryptographic schemes, as 
developed by Silverberg and Rubin [14] , and the present bounds lead improvements in the 
running times of algorithms in this field (see [8, ?]). But, these inverses show up in many 
other contexts, since they are inverses of cyclotomic units in cyclotomic fields. 

Section 2 is dedicated to the resultant of <£ m and To that end, we show the following 
lemma. 

Lemma 1. For all integers m > n ^ 1, 

Res(<& m , 5> n ) 7^ 1 m = np a with p prime and a ^ 1. 

This is a consequence of a result by Apostol [1] about the resultant of cyclotomic poly- 
nomials. We suspect that it is already known since it helps proving the equivalence of two 
definitions of an algebraic torus (see [14] again for further details) but we did not find any 
explicit proof of it in the literature. As a result, we obtain a condition for the coprimality 
of & m (q) and & n (q), whatever the integer q is. 

In the case of two coprime cyclotomic polynomials, we can consider the inverse of $ m 
modulo <£ n . In Section 3, we make an exhaustive study when n and m are divisors of the 
product of two primes. 

Theorem 1. For all p and r distinct prime numbers, 

(i) ^p 1 mod $i = l/p and ^ mod $ p = (-l/p)(X p - 2 + 2X P ~ 3 + ...+p- 1). 

(ii) mod $i = 1 and ^ mod <5> pr = £fj£ r)_1 v i X ' 1 with v i G { _1 > °> 1 }- 

(iii) <Z>- 7 1 mod $ p = \ J2t=o X * with d = r ~ 1 mod P and % 1 mod ®w = I T^i^ 1 Vi** 
with Vi < r. 

(iv) ^ mod $ r = Ef=o yi ViX 1 with Vi £ {0, -1, +1}. 

Notations. In this paper, V denotes the set of all prime numbers and (m, n) is the greatest 
common divisor of m and n. We also recall the following result about Mobius fi function, 

Vn>l, J>(d) = 0. (1) 

d\n 

2. Coprimality 

In this section, we consider the resultant of two cyclotomic polynomials <E> TO and <J> n . In 
order to prove Lemma 1, we start from Theorem 2, due to Apostol [1]. 
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Theorem 2 (Apostol, [1]). Let m > 1, then 
Besides, let m > n > 1, then 

U(n/d)^ 



\p if m = p a , p prime, a ^ 1, 
I 1 otherwise. 



Res{<5> n M= \{ p^ d >^ (2) 

d\n 

peV such that j^js=P a 

where fx is the Mobius function and ip the d'Euler totient function. This product is per- 
formed over the divisors d of n such that m/(m,d) is a prime power p a . 

We can now prove Lemma 1. 

Proof. For n = 1, we have Res($ m , 3>i) = (— l)^ m )Res(<I>i, 3> m ) and <p(m) is even as soon 
as m > 2. So the resultant equals 1 if and only if m is not a prime power. 

Now, let us consider m > n > 1. This time we are going to use Eq.(2). 

Sufficiency. If m = np a , we can consider the powers of p showing up in the product and 
show that it does not equal 1. 

For d dividing n, we have m/(m,d) = {n/d)p a because n\m. So this is a power of p, 
only if n/d = p £ . But ji{n/d) =0 as soon as e > 1. So the only non trivial terms will 
correspond to the cases e = 1 and e = 0. 

• For e = 0, we have d = n, so m/(m, d) = p a and a = a, which implies 

u ( n \ ip(m) <p(m) 
d I tp(p a ) = pf(p a ) # 

• For e = 1, we have d = n/p, so m/(m, d) = and a = a + 1, which implies 

/n\ y(m) <p(rn) 

pr\d)<p(p a ) = p ¥>(p a + 1 ) _ 

¥>(m)( 



The contribution in terms of powers of p is p^ '^v") > i. 

Necessity. We want to isolate the common factor of m and n, if they have one. That is 
to say, we write m = wM and n = w N with (M,N) = 1. 

u(n/d) y(m - ) 

Since the resultant is not 1, we have at least one non trivial term p ' v(p a ) in the 
product for some d such that m/(m, d) = p a . 

Since d\wN, we can write d = d\di with <ii|iy and di\N . Let us suppose di maximal for 
this property, i.e. (wjdx^d-i) = 1. We call w 1 = w/d. Then 

m wM wM wM w 

= = = = M. 

(m,d) (wM,did 2 ) di(w'M,d 2 ) di(w',d 2 ) (w,d) 

So (w/(w, d))M = p a , which implies that M is a power of p, say M = p a . But w/(w, d) is 
also a power of p. Let p r be the greatest power of p in w, so that w = p r s with p \ s. Thus 
the powers involved in the product are \i (n/d) = (i (p r sN/d). 
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We know that it will be zero as soon as p has power at least 2 in /i. So the contribution 
to the product will be non trivial only if d = p r ~ £ 5 with e = 0orlifr^l and 5|siV. More 
precisely 5 = s'dz with c^iV and s'\s. Then (w,d) = p r ~ £ (s/s') and we can even assert 
that s = s' because w/(w,d) must be a power of p and p \ s. 

Finally, 

w = p r s, d = p r ~ £ sd2 with c^liV and e = or 1 if r ^ 1. 

Thus w/(w, d) = p a ~ a = p £ . Now we can give the contribution to the product. 
If e = 0, then a! = wa!2, a = a and the product is 

nu(n/d)^l T-r u ( N/ch )JP(l^_ ( jPirnl\^d 2 \N K^) / Ed 2 |AfM(rf2) 
pVW a ) v ( p *) =|| p ^' a2 > v (p a ) = prt") = p V ( P «) 

If e = 1, then d = wd^jp, a = a + 1 and the product is 

n/ ( "/^ = n/ (f) ^ = n/ (pKf) ^ ^^=1, 



,./„■> \ ^ntoi/v ^\ rf 2 / / ,,( n \ 



y(m) u fa1 \ Ed 2 |ArM( d 2) 

prt-j/^H^ 1 ) divides Res($ m ,$„) 



Thus, 



Since this result should be greater than 1, necessarily ^d 2 |iv M^) 7^ which is impos- 
sible unless N = 1 according to Eq. (1), and thus n = w and m = np a . □ 

Now it is easy to show the following condition of coprimality. 

Corollary 1. For any integer q and m > n ^ 1 integers, & m (q) and 3> n (</) are coprime if 
m does not divide n. 

Proof. If m does not divide n, we know from Lemma 1 that Res(<l> m , 5> n ) = 1, which is 
true in Z but also in Is/PL for any f £ Z since 1 is unchanged. Now suppose that & m (q) 
and & n (q) have a common factor, say £. Then <]? m and $ n have a common root, q, in Z/£Z 
and consequently their resultant is zero, which is false. □ 

3. Inversion of <& m mod <£ n 

Consider m and n such that the cyclotomic polynomials 3> m and <& n are coprime. Then 
<& m is invertible modulo <E> n and it is a natural question to try to compute ^m -1 modulo 
$ n and more precisely we would like to know the magnitude of its coefficients. 

Since § m and 3> ra are coprime we can write the Bezout relation 

<Z> m U + $ n V = 1. 

Our goal is to find U = 3>m -1 mod <£ n or at least quantify the magnitude of its coefficients. 
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In this section we are going to prove the four assertions of Theorem 1 in turn. We recall 
that $ n (l) = P if n = p a is a prime power; else 3> n (l) = for n > 1. 

3.1. Case m = p and n = 1. The cyclotomic polynomials <& p and $i are both easy to 
write and it is not difficult to obtain explicit expressions for their inverses. 

Proposition 1. For all prime number p, 

• <£p 1 mod $i = 1/p, 

• fcf 1 mod $p = -\{X p - 2 + 2XP~ 3 + . . . + p - 1). 

Proof. We simply check that the Bezout relation between <E> p and <E>i is valid. 

p-2 

-$!(X)(X p - 2 + 2X p - 3 + . . . + p - 1) + $ P (X) = (X - 1) + 1 - + $ p (X) 

fc=0 

p— 1 p— 2 p— 1 

= J> - - J> + 1 - p)X fc + Y,x k = P . 

k=l fc=0 fc=0 

□ 



3.2. Case m = pr and n = 1. The explicit expression of & pr is less convenient than that 
of & p , but we still have useful information thanks to Lam and Leung [12]. 

Proposition 2. For all p and r distinct prime numbers, 
• ^ mod $i = l. 



• $^ mod <S>pr = E£ 1)(r 1} 1 v i xi with v i G °. !}■ 

Proof. We are first looking for J7 in the Bezout relation & pr U + §\V = 1 and we know 
that it has degree 0. So a simple evaluation of this relation at 1 gives U(l) = 1, so 
$ pr _1 mod $i = l because $ pr (l) = 1- 

Now V is characterized by (X - l)V(X) = 1 - $ pr (X). Let V(X) = Yd=a v i xi and 
Qpr(X) = J2i=o a 'iX % with d = (p — l)(r — 1) — 1. Then we can write the equation as a 
linear system, 



-1 
1 











1 - a 




Vl 








Vd_ 




. ~ ad . 



equivalent to 



^0 




1 


Vl 




l l 


Vd_ 




.i • • 




e {0,±l} 







a - 1 
ai 



(+1 or —1) are alternating. So each Vi is necessarily or ±1. 



□ 



Note that a similar technique could allow us to compute $ n 1 modulo $i for any n since 
it is simply <3? n (l) which we explicitly know. 
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3.3. Case m = pr and n = p. This time we will need the explicit expression of <& pr . 
Proposition 3. For all p and r distinct prime numbers, 

1 d 

<& p r mod <£p = - x% w tth d = r — l mod p. 
r i=0 

Proof. Let us directly show that £ (^2i=o x ^ & pr = 1 mod <£ p . For this purpose, we need to 

use the expression of & pr given in [12]. Let s and t be two integers such that (p— l)(r — 1) = 
¥>(pr) = sp + tg. Then, 



* pr (x) = ( ) | E XJr ) - f E * ip ) f E XJr I *~ 

,i=0 / \j=0 I \i=s+l / \j=t+l 



-pr 



Thus, 



t p-l \ ci 

<VE^ mod< ^ = I ( s + l) ^ X J> - (r - 1 - s) £ xH^X* 

1=0 \ j=0 j=t+l / i=0 

p-l p-l \ ci 

(s + 1) xjr - r E xir E xi 

j=0 j=t+l J i=0 

But $ p (X r ) = Y7jZo Xjr > and then 

d p-l (i 

i=0 j=t+l i=0 

(t+l)r _ 1 ^a!+l _ 1 

~ r X r - 1 X - 1 

An explicit computation shows that (t + l)r = 1+pr— p(s+l). So X^ t+1 ^ r = X mod 3> p . 
Besides d + 1 = r mod p, so X d+1 = X r mod $ p , which leads to the result. There only 
remains r in the computed product. □ 

3.4. Case m = p and n = pr. Then the proof consists in examining the Euclidean division 
step by step. 

Proposition 4. For all p and r distinct prime numbers, 

$ p 1 mod $ pr = - y~" y ViX 1 with Vi < r. 

i 

Proof. We are looking for V in the Bezout relation & pr U + & P V = 1, where U = £ Ylt=o X ' L 
from Proposition 3. So, all we have to do is divide 1 — & pr U by & p . 

First, note that 1 — & pr U has only coefficients ±1. Indeed we know that the coefficients of 
<£ pr are alternating +l's and -l's among other 0's. So, if we write their explicit product, we 
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obtain a polynomial with simple coefficients (only or ±1) thanks to the Cauchy product. 
In fact, we divide a polynomial with coefficients in {0, ±1} by <J> p . 

If we simply examine the Euclidean division step by step, we can show by recurrence 
that the range of possible coefficients for the quotient increases by one at each step, and 
always contains 0. □ 

3.5. Case m = p and n = r with p and r two distinct primes. Before we give a proof 
for the last assertion in Theorem 1, we need to work on the general problem. The idea is 
to evaluate our Bezout relation at the roots of <& ra and to interpolate U from the values 
found at these points. 

The roots of <£ n are the primitive n-th roots of 1. If we call £ one of them and I n the 
set of integers prime with n : I n = {1 ^ j 1 ^ n — 1, (j, n) = 1}, they are j £ I n }. 
The evaluation of our Bezout relation in these points gives 

If we note U = Y^i=i u iX % ~ x then the equation can be written 

tp(n) 

vjg/„, s^r^^war 1 . 

i=l 

Proposition 5. For all distinct prime numbers p and r, 

<£p 1 mod $ r = u i x%1 witfl u i G {-!) 0) +!}■ 
i=l 

Proof. We show in appendix A (Lemma 3) that 

The primality of p and r yields very convenient simplifications: I r = {1, . . . ,r — 1} and 
(p(r) = r - 1, but also %(X) = 1 + X + . . . + X^ 1 and so $ p (l) = p. Similarly $ r (l) = r. 
Let us first calculate the quotient of Vandermonde determinants. 



(-l)r-l-J fe _,- ! 

(£?>- 2 11 V ^ ; 



\-2(-i _t-jVl 11 ^ ? ; 



(£J')-2(1 _ 
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But the remaining product is $ r (l) _1 = 1/r. Thus, 



We can write & P (X) as a geometric sum. So = (1 — — Finally we 

can give an explicit expression of ov-i-j^, • • • , & , ■ ■ ■ , £ r_1 )- Indeed, 

r-l 

l<fc<r-l i=l 



So we simply need to find the coefficients of Oi^fc^r-i(^ — £, k ) = (x^&) ■ 

The following calculation shows that <r r -i-i(£, ...,£>,..., f _1 ) = (-1)* Efc=o(? j ) fe - 



-1 /i-1 \ r-l /i-1 \ r-l /i-1 



i=l \fc=0 / i=l \fe=0 / i=l \fe=0 / 

r-2 / i \ r-l / i \ 

E E^') fc xr_1-i - E E^') fe xr ~^ 

i=0 \fe=0 / i=l \fc=l / 

r— 2 / i i \ r— 1 

xr ^ + E E^') fe - E^') fe xM - E(^') fc 



i=l \fc=0 k=l / fc=l 
<> ' 



= ^ r (X). 

And this expression can be seen as a geometric sum again. 

a r _ 1 _ i (^...,g,...,f- 1 ) = (-l) i ^^ 
Now we can simplify our expression for Ui : 



1 ^ _ r U^j {e _i)(i_ 

r Aj (i_^)(i_^) 



l ft J (l-r)(P-l) 



We can improve this expression using the following relation: 

_J_ = I ^>(r-2) + 2 ^p(r-3) + _ _ + (f . _ ^ 
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Indeed, 

r— 1 r— 1 r— 1 



fe=l fe=l fe=l 

r r— 1 

k=2 k=l 
r-2 

= (r-1)- -^(-1) 



fe=i 



=_l_^p(r-i) if jp^o mod r 

= r since jp ^ mod r (p prime and 1 ^ j ^ r — 1). 
So the final expression for Ui is 

^ r— 1 r— 1 



Ui 



j=l k=l 

r-1 r-2 



i=i fc=o 



j r-2 r-1 



y^( r _ _ 1) y^3(pk+l) _ £j(pk+2) _ £j(pk-i+l) + £j(pk-i+2)^ 
k=0 j=l 
_1 ■'- 2 

= — I> ~ k ~ l ) (Si W " 5 2(A;) - 5 3 (fc) + S 4 (*0) • 

ft_u S(fc) 

The sums = Y7j=i(£ A y are ac tually sums of all the powers of a r-th root of 1, except 
(^ j4 )° = 1. So if ^ is a prime root of 1, the sum simply equals -1. And if £ A is not a prime 
root of 1, the only possibility is £ A = 1 (i.e. A = mod r) and in this case the sum equals 
r-1. 

So depends on the value of the powers pk + 1, pk + 2, pk — i + 1 and pk — i + 2 modulo 

Most of time the four sums involved will all be equal to 1 and thus Si + S2 + S3 + S4 = 0. 
But there can be up to four values of k for which one of the four sums will not be equal to 
1 but to r — 1. 

• If there exists ^ k\ ^ r — 2 such that 1 + pk\ = mod r then S±(ki) = r — 1. 

• If there exists ^ k2 ^ r — 2 such that 2 + pk2 = mod r then S^A^) = r — 1. 

• If there exists ^ £3 ^ r — 2 such that l — i + pk^ = mod r then £3 (£3) = r — 1. 

• If there exists ^ k± ^ r — 2 such that 2 — i + = mod r then S l 4(/c4) = r — 1. 

The most important argument now is the following : in each sum Si all the powers of £ 
appear, except the power involving k = r — 1. In other words, for Si for instance, all the 
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sums S±(k) appear, for ^ k ^ r — 2. Besides the {1 + pk mod r, ^ k ^ r — 1} take all 
values {0, . . . , r — 1} because p and r are coprime. So either there will exist ^ k\ ^ r — 2 
such that 1 + pk\ = mod r or necessarily 1 + p{r — 1) = 0. 

Let us first prove that at least three fc's among hi, &2, ks and £4 exist. If there does not 
exist a kj, j = 1, 2, 3 or 4, then p{r — \) + l = 0[r] with / G {1, 2, 1 — i, 2 — i] respectively. So 
if two different k's do not exist, we will have this relation for I and I' amongjl, 2, 1— i, 2 — i}. 
So I = I' mod r, which is possible only if i = 1 or i = r — 1. 

So we have proved that at least three of the four fcj 's exist except for i = 1 and r — 1 . 
In the last two cases, two fcj-'s at least still exist since p{r — 1) + / = 0[r] cannot be 
simultaneously true for more than two different / G {1, 2, i — 1, i — 2}. 

Let us first consider the particular case i = r — 1. Then S = S± — 2S2 + S4. 

The possible contributions to the sum 5 for k = k±,k2 or k± are S'(fci) = (r — 1) — 
2(-l) + (-1) = r and similarly S , (fe 2 ) = -2r and S(k A ) = r. 

We know that at least 2 of these k's exist. So we have four different possibilities. 

• If there exist k\ , ki and k± then we have a system of three equations 



So r divides p(2&2 — k\ — k A ) and thus r\(2k2 — k\ — k±). Since each \ki\ does not 
exceed r — 1, 2/C2 — fci — /C4 = or ± r. 

So r 2 u\ = r(r — k\ — 1) — 2r(r — hi — 1) + r(r — ^4 — 1) = r(2/c2 — ^1 — ^4)- Thus 
u\ = or ±1. 

• If fci does not exist then equation (la) is replaced by 1 + p(r — 1) = mod r. So 
p = 1 mod r. Then solving equations (16) and (lc) with this particular p gives 
&2 = r — 2 and /C4 = r — 3. 

So r 2 ui = [(r - fe 2 - l)(-2r) + (r - k 4 - l)r] = -2r 2 + 2r 2 . Thus ui = 0. 

• If k2 does not exist then equation (16) is replaced by 2 + p{r — 1) = mod r. So 
p = 2 mod r. Then solving equations (la) and (lc) with this particular p gives 
2k\ = r — 1 and 2&4 = r — 3. 

So 2rV = [(2r - 2fei - 2)r + (2r - 2k 4 - 2)r] = 2r 2 . Thus m = 1. 

• If A;4 does not exist then equation (lc) is replaced by 3 + p(r — 1) = mod r. So 
p = 3 mod r. Then solving equations (la) and (16) with this particular p gives 



' 1+ph = 0[r] (la) 
< 2+pfc 2 = 0[r] (16) . 
3 + p/c 4 = 0[r] (lc) 




since r — 1 and r — 2 cannot be both divisible by 3. 
So 3r 2 m = [(3r-3ifei-3)r+(3r-3fc2-3)(-2r)] 

= (2r - 2)r + (r - l)(-2r) or (r - 2)r + (2r - l)(-2r). 
Thus ni = or —1. 
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Now let us consider the particular case i = 1. It is very similar to the previous 
case. Then S = 2S\ — S2 — S3, where S3 = Y^jZi f'^. So the powers involved are pk, 
pk + 1 and pk + 2. 

The possible contributions to the sum S for k = k±, &2 or A3 are S(Ai) = 2r, £(£2) = — r 
and S(Aft) = — r. Note that &3 = since it is such that pk% = mod r. 

We know that at least 2 of these k's exist. So we have three different possibilities. 

• If there exist k\ , &2 and A3 then we have the system of three equations 

= 0[r] (2a) 
2+pA 2 = 0[r] (26) . 
pk 3 = 0[r] (2c) 

So r divides p(2&2 — k\ — k±) and thus r | (2^2 — k\ — A4). Since each \k%\ does not 
exceed r — 1, — 2Ai = or ± r. So r 2 -u r -i = 2r(r — k\ — 1) — r(r — A2 — 1) — 
r(r — Aft — 1) = r(&2 — 2Ai). Thus u r -i = or ±1. 

• If k\ does not exist then equation (2a) is replaced by 1 + p{r — 1) = mod r. So 
p = 1 mod r. Then solving equations (26) and (2c) with this particular p gives 
/c2 = r — 2 and £3 = 0. 

So r 2 -u r _i = [(r — A 2 — 1)(— r) + (r — Aft — l)(—q)] = —r — r(r — 1). Thus u r -\ = 
-1. 

• If &2 does not exist then equation (26) is replaced by 2 + p(r — 1) = mod r. So 
p = 2 mod r. Then solving equations (2a) and (2c) with this particular p gives 
2k x = r - 1 and 2A 3 = 0. 

So 2r 2 u r _i = [(2r - 2k x - 2)(2r) + (2r - 2)(-r)] = 0. Thus u r _i = 0. 

Finally consider the general case 1 < i < r — 1. The potential nonzero contributions 
to Uj are S{k\) = (r — 1) — 2( — 1) + ( — 1) = r and similarly S^fo) = _ r ) 5 (£3) = — r and 
S(&4) = r when respectively k\, Aft; Aft and A4 exist. 

As we have previously seen, at most one k does not exist. So we have five different cases. 

• If k! , &2 , A3 and A4 exist then we have the system of four equations 

l+pki = 0[r] (3a) 

2+pfc 2 = 0[r] (36) 

1- i+pfc 3 = 0[r] (3c) ' 

2- i+pfc 4 = 0[r] (3d) 

Since p and r are coprime, r|(/c2 + k% — k\ — k^). But similarly to a previous case 
no I A; I exceeds r — 1. So finally A2 + Aft — k\ — k^ = or ±r. 
So r 2 tij = r(A2 + A3 — k\ — A4) =>■ m = or ±1. 

• If k± does not exist then equation (3a) is replaced by 1 + p{r — 1) = mod r. So 
p = 1 mod r. Then solving equations (36), (3c) and (3d) with this particular p gives 
A2 = t — 2, A3 = i — 1 and k^ = i — 2. 

So r 2 ui = (r — A2 — 1)(— r) + (r — A3 — 1)(— r) + (r — A4 — l)r = 0. Thus u% = 0. 

• If fc2 does not exist then equation (36) is replaced by 2 + p(r — 1) = mod r. So 
p = 2 mod r. Then solving equations (3a), (3c) and (3d) with this particular p 
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gives 



'2&i EE 


— 1 mod r 




'2fci =r-l 




'2fci = r - 1 


< 2k 3 EE 


i — 1 mod r 


< 


2fe 3 = i - 1 


or < 


2A; 3 = r + i - 1 


2k 4 EE 


i — 2 mod r 




2fc 4 = r + i - 2 




2& 4 = i- 2 



since i — 1 and i — 2 cannot be both even. 

So 2r 2 ni = (2r - 2ifei - 2)r + (2r - 2fc 3 - 2)(-r) + (2r - 2fc 4 - 2)r = or 2r 2 . 
Thus Uj = or 1. 

• If fc 3 does not exist then equation (3c) is replaced by 1 — i+p(r — 1) = mod r. So 
p ee 1 — i mod r. Then combining equations (3a), (36) and (3d) with this particular 
p shows that (1 — i)(k 4 + k\ — k2 + 1) =0 mod r. Since r and 1 — i are coprime, 
r\(k 4 + k\ — + 1), thus fc 4 + fci — &2 + 1 = or r. 

So (1 — i)r 2 tij = (1 — i)r 2 or 0. Thus itj = 1 or 0. 

• If fc 4 does not exist then equation (3d) is replaced by 2 — z + p(r — 1) = mod r. 
So p ee 2 — i mod r. Note that it cannot be a valid case for i = 2. Then combining 
equations (3a), (36) and (3c) with this particular p shows that (2 — i)(k2 — k\ + 
fc 3 + 1) ee mod r. Since r and 2 — i are coprime (z / 2), r| (^2 — &i + fc 3 + 1), thus 
&2 — &i + ^3 + 1 = or r. 

So (2 - i)r 2 tij = -(2 - i)r 2 or 0. Thus Ui = -1 or 0. 

□ 



Appendix A. 

The coefficients (MjOi^Kvfa) are the solutions of a system of linear equations whose 
matricial version is AU = W where W = [( < ^m(C 1 )) -1 ] ie/ an d 

"l £ ... ^W -1 

4 = 

1 £* ... (£ i )^( n )- 1 

^4 is a Vandermonde matrix so it is invertible since all (C)iei n are distinct. Thus we can 
give an explicit resolution of the system : U = A~ 1 W. We can find in [15] a paragraph 
concerning the inversion of a Vandermonde matrix but in our case it does not work that 
well with A since one row and one column are missing. So we are going to use more direct 
calculations and write A^ 1 = (1/det ^4)*com A. The Vandermonde determinant det^4 is 

detA = V{(e) ie i n )= II (e'-a 

i,i'el n 
i<i' 

The comatrix has coefficients [comA]^ = (— l) l+J Vij. We call Vij the determinant 
composed of all the coefficients in A, except the i-th row and the j-th column. 



= Key- 1 ] iei n 
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Lemma 2. Let ai{a\, . . . , a r ) denote the l-th elementary symmetric function (without the 
question of the sign). 



If A=[ 



Oi l<i<r 



ai(a 1 ,...,a r )= ^ a h x . . . x a ir 

l<ii<...<j ; <r 

then det A = V ((ai)i<^i<^ r ) (well-known Vandermonde determinant) 



0<j<r-l 

and its comatrix is given by 

[comA] i(hjo = (-l) l0+J '°ay._j (ai, . . . ,ch , . . .,a r )V(ai,.. . ,a^, . . . ,a r ). 

Proof. All we have to do is write the polynomial P{X) = Y\i^.i^r{X — a i) m terms of 

a Vandermonde determinant and identify the coefficients of the polynomial in X that we 
obtain. 

Let M(X) be simply the block matrix 



1 X 



X 



r-l 



A 

Now let us expand along the first row the following determinant, consisting in the matrix 



M without the row [l <ij ... a 



r-n 

io 



\(M ij ) i ^ i0+1 \=J2(-l) k - 1 V i0 , k X k -\ 



k=i 



Indeed we can write it without loss of generality in a convenient way for io = t. 



1 X 
1 a\ 



X 



r-l 



1 a. 



r— 1 



-r-l 



r-l 
l r-l 



r-l 

oi ... a 1 



r-l 

a r -l ■ ■ ■ a r -l 



1 a\ 



1 a 2 r _ x 



-r-l 



r-l 
l r-l 



X 



... + (-1) 



r-l 



1 a\ 



1 a r -\ 



-r-2 



1 r-l 



X 



r-l 



Besides |(Mjj)j^j 0+ i| is nothing but a Vandermonde determinant. 

Km^o^u+iI = Yl ( a i~ x ) n ( a * ,_a *) 



lsgjsjr 



l^i<i%r 



V(ai,...,ai Q ,...,a r ) 

(-l) r - 1 V(ai,...,aT ,...,a r ) ] [ {X <i, 



l^i^r 



(3) 
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But we also know the expansion of this product in terms of symmetric functions (with 
the convention o- = 1) : 



EI ( X ~ a ^ = $Z( _1 ) r k<T r~k{ai, ■ ■ ■ ,a io , . . . ,a r )X 



fc-1 



lsgisjr k=l 

Identifying this relation with (3), we finally have 

Vio , jo , Vi ,jo = ° r-jo (ai , . . . )V{a 1 ,...,a io ,...,a r ), 
which gives the expected formula since [com ^4]j j = (—iy o+ ^ Vi j . □ 

Corollary 2. For all 1 ^ i,j ^ <p{n), the comatrix of A has the following coefficients. 

[comA] id = (-ly+'vyw-j (^ k )kei n \{i}) V ■ 
Proof. We just have to use Lemma 2 with r = tp(n). The (a>i)i are (C)i&i n - ^ 

Now we can compute the coefficients of U. 
Lemma 3. 

V ((^ 

K- 1 )' "^H-i ~)kei n \{j}) 
Proof. First the coefficients of A -1 are 



= (-l) t+ V v(n) _ i ((C fc )fc G /„\{i} 

And now 

tp(n) 

i=i 



□ 



Ei /Vt*^ \ * \Ss )kei n \{j}) = 

(-1) %(n)-* [(£ hei n \{j}) v((£ k ) keI ) ^ ' 



Remark. The two Vandermonde determinants involved have many terms in common. 
After simplification there only remains 
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